CVE-2026-0773
- EPSS 1.33%
- Veröffentlicht 23.01.2026 03:29:05
- Zuletzt bearbeitet 26.01.2026 15:03:51
Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulne...
- EPSS 0.06%
- Veröffentlicht 19.06.2025 21:00:14
- Zuletzt bearbeitet 08.07.2025 16:36:41
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/add_tool of the component Pickle Handler. The manipulation leads to deserialization. The e...
CVE-2025-6278
- EPSS 0.13%
- Veröffentlicht 19.06.2025 20:31:05
- Zuletzt bearbeitet 08.07.2025 16:38:18
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has bee...